Using an old Mac Book Pro for pentesting
MacBook Book Pro is and has always been a high quality computer. They tend to last long and I usually keep mine for at least 3 years, but many times as long as 5 to 6 years before it’s necessary to upgrade my everyday workhorse.
What happens then, more often than not, is that the old Mac Book Pro becomes a computer dedicated for hacking and pentesting. Everyone has different setups that they like but in this case I like to go with the mainstream and install a bare metal installation of Kali Linux.
This often comes with some problems. In this short article I describe how to get my rather old Mac Book Pro up and running with Kali Linux. This is a Mac Boc Pro 15" unibody from around 2010. To get the best out of this hardware there are some problems to deal with.
Let’s go!
Pimping
First of all you need to do some pimping! That’s mandatory.
Joking aside, I admit I like to put stickers from the latest and greatest conferences to give my computer some attitude. But I think you should think twice before wallpapering your computers back with funny hackerjokes.
By doing this you make it very obvious to everyone who you are and what you are doing. That might not be an issue, but at times it could be. I make sure I have a “clean” computer that I can bring to places where it’s a better idea to blend in. But this one needs some grit :) not too much, just a little.
Installation
There are very good guides for doing a bare metal installation of Kali on a Mac available over at https://www.kali.org/docs/installation/hard-disk-install-on-mac Just download the installation media and follow the instructions and you will be good.
Now let’s fix some problems!
Update software lists
First of all we want to refresh our lists of availble software so that we can install upgrades if available.
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ sudo apt update 100 ⨯
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for f1rstr3am:
Get:1 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling InRelease [30.5 kB]
Get:2 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 Packages [17.9 MB]
Get:3 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 Contents (deb) [40.2 MB]
Get:4 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/contrib amd64 Packages [106 kB]
Get:5 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/contrib amd64 Contents (deb) [132 kB]
Get:6 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/non-free amd64 Packages [209 kB]
Get:7 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/non-free amd64 Contents (deb) [959 kB]
Fetched 59.5 MB in 1min 24s (707 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1042 packages can be upgraded. Run 'apt list --upgradable' to see them.
When doing this I encounter the first problem. The download speed is terrible. Something is obviosly wrong with our wifi. Let’s try to fix this issue before doing anything else.
Network
Let’s try to measure just how bad the speed of the wifi is. We use speedtest to check our download and upload speed.
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
Retrieving speedtest.net configuration...
Testing from Bahnhof AB (109.228.146.253)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Bahnhof AB (Stockholm) [65.39 km]: 14.086 ms
Testing download speed................................................................................
Download: 0.32 Mbit/s
Testing upload speed................................................................................................
Upload: 11.46 Mbit/s
0.32 Mbit/s :'( that’s just terrible. Let’s check what chipset we are using.
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ lspci -knn | grep Net -A2
02:00.0 Ethernet controller [0200]: Broadcom Inc. and subsidiaries NetXtreme BCM5764M Gigabit Ethernet PCIe [14e4:1684] (rev 10)
Subsystem: Broadcom Inc. and subsidiaries NetXtreme BCM5764M Gigabit Ethernet PCIe [14e4:1684]
Kernel driver in use: tg3
Kernel modules: tg3
03:00.0 Network controller [0280]: Broadcom Inc. and subsidiaries BCM43224 802.11a/b/g/n [14e4:4353] (rev 01)
Subsystem: Apple Inc. AirPort Extreme [106b:0093]
Kernel driver in use: bcma-pci-bridge
That old Mac Book Pro uses the Broadcom BCM43224 network controller and the loaded driver is bcma-pci-bridge. A few google searches and I find that bad performace with this configuration is a common issue. Let’s just install another driver.
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ sudo apt install broadcom-sta-dkms 127 ⨯
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following package was automatically installed and is no longer required:
libx265-192
Use 'sudo apt autoremove' to remove it.
The following additional packages will be installed:
dctrl-tools dkms linux-compiler-gcc-10-x86
linux-headers-5.10.0-kali9-amd64 linux-headers-5.10.0-kali9-common
linux-headers-amd64 linux-kbuild-5.10
Suggested packages:
menu
The following NEW packages will be installed:
broadcom-sta-dkms dctrl-tools dkms linux-compiler-gcc-10-x86
linux-headers-5.10.0-kali9-amd64 linux-headers-5.10.0-kali9-common
linux-headers-amd64 linux-kbuild-5.10
0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded.
Need to get 15.9 MB of archives.
After this operation, 78.4 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://http.kali.org/kali kali-rolling/main amd64 dctrl-tools amd64 2.24-3+b1 [104 kB]
Get:2 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 dkms all 2.8.4-4 [78.3 kB]
Get:3 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/non-free amd64 broadcom-sta-dkms all 6.30.223.271-17 [2,208 kB]
Get:4 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 linux-compiler-gcc-10-x86 amd64 5.10.46-4kali1 [1,054 kB]
Get:6 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 linux-kbuild-5.10 amd64 5.10.46-4kali1 [1,296 kB]
Get:5 http://saimei.ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 linux-headers-5.10.0-kali9-common all 5.10.46-4kali1 [9,552 kB]
Get:7 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 linux-headers-5.10.0-kali9-amd64 amd64 5.10.46-4kali1 [1,576 kB]
Get:8 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 linux-headers-amd64 amd64 5.10.46-4kali1 [1,148 B]
Fetched 15.9 MB in 6min 52s (38.5 kB/s)
Selecting previously unselected package dctrl-tools.
(Reading database ... 266623 files and directories currently installed.)
Preparing to unpack .../0-dctrl-tools_2.24-3+b1_amd64.deb ...
Unpacking dctrl-tools (2.24-3+b1) ...
Selecting previously unselected package dkms.
Preparing to unpack .../1-dkms_2.8.4-4_all.deb ...
Unpacking dkms (2.8.4-4) ...
Selecting previously unselected package broadcom-sta-dkms.
Preparing to unpack .../2-broadcom-sta-dkms_6.30.223.271-17_all.deb ...
Unpacking broadcom-sta-dkms (6.30.223.271-17) ...
Selecting previously unselected package linux-compiler-gcc-10-x86.
Preparing to unpack .../3-linux-compiler-gcc-10-x86_5.10.46-4kali1_amd64.deb ...
Unpacking linux-compiler-gcc-10-x86 (5.10.46-4kali1) ...
Selecting previously unselected package linux-headers-5.10.0-kali9-common.
Preparing to unpack .../4-linux-headers-5.10.0-kali9-common_5.10.46-4kali1_all.deb ...
Unpacking linux-headers-5.10.0-kali9-common (5.10.46-4kali1) ...
Selecting previously unselected package linux-kbuild-5.10.
Preparing to unpack .../5-linux-kbuild-5.10_5.10.46-4kali1_amd64.deb ...
Unpacking linux-kbuild-5.10 (5.10.46-4kali1) ...
Selecting previously unselected package linux-headers-5.10.0-kali9-amd64.
Preparing to unpack .../6-linux-headers-5.10.0-kali9-amd64_5.10.46-4kali1_amd64.deb ...
Unpacking linux-headers-5.10.0-kali9-amd64 (5.10.46-4kali1) ...
Selecting previously unselected package linux-headers-amd64.
Preparing to unpack .../7-linux-headers-amd64_5.10.46-4kali1_amd64.deb ...
Unpacking linux-headers-amd64 (5.10.46-4kali1) ...
Setting up linux-compiler-gcc-10-x86 (5.10.46-4kali1) ...
Setting up linux-headers-5.10.0-kali9-common (5.10.46-4kali1) ...
Setting up linux-kbuild-5.10 (5.10.46-4kali1) ...
Setting up dctrl-tools (2.24-3+b1) ...
Setting up linux-headers-5.10.0-kali9-amd64 (5.10.46-4kali1) ...
Setting up linux-headers-amd64 (5.10.46-4kali1) ...
Setting up dkms (2.8.4-4) ...
Setting up broadcom-sta-dkms (6.30.223.271-17) ...
Loading new broadcom-sta-6.30.223.271 DKMS files...
Building for 5.10.0-kali9-amd64
Building initial module for 5.10.0-kali9-amd64
Done.
wl.ko:
Running module version sanity check.
- Original module
- No original module exists within this kernel
- Installation
- Installing to /lib/modules/5.10.0-kali9-amd64/updates/dkms/
depmod....
Backing up initrd.img-5.10.0-kali9-amd64 to /boot/initrd.img-5.10.0-kali9-amd64.old-dkms
Making new initrd.img-5.10.0-kali9-amd64
(If next boot fails, revert to initrd.img-5.10.0-kali9-amd64.old-dkms image)
update-initramfs..........
DKMS: install completed.
Processing triggers for man-db (2.9.4-2) ...
Processing triggers for kali-menu (2021.4.0) ...
Because of the bad download speed this takes some time. After these drivers are installed we need to reboot.
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ sudo reboot now
Once rebooted and logged in again we can check that our new driver is installed and functioning:
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ lspci -knn | grep Net -A2
02:00.0 Ethernet controller [0200]: Broadcom Inc. and subsidiaries NetXtreme BCM5764M Gigabit Ethernet PCIe [14e4:1684] (rev 10)
Subsystem: Broadcom Inc. and subsidiaries NetXtreme BCM5764M Gigabit Ethernet PCIe [14e4:1684]
Kernel driver in use: tg3
Kernel modules: tg3
03:00.0 Network controller [0280]: Broadcom Inc. and subsidiaries BCM43224 802.11a/b/g/n [14e4:4353] (rev 01)
Subsystem: Apple Inc. AirPort Extreme [106b:0093]
Kernel driver in use: wl
Yes it looks like we have our new driver installed. Time to do another speed test:
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
Retrieving speedtest.net configuration...
Testing from Bahnhof AB (109.228.146.253)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Tele2 (Kista) [55.30 km]: 5.72 ms
Testing download speed................................................................................
Download: 152.51 Mbit/s
Testing upload speed................................................................................................
Upload: 145.99 Mbit/s
145 Mbit/s that’s a great improvment. The wifi I was using should be able to deliver speeds of 300 Mbit/s but this is a 10 year old chipset so about 150 Mbit/s is ok. Now when the we have a decent download speed it’s time to upgrade our Kali installation.
Upgrade
Let’s just make sure that we have the latest and greatest packages installed.
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ sudo apt full-upgrade -y
[sudo] password for f1rstr3am:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
libdav1d4 libepsilon1 libgdal28 libidn11 libntfs-3g883 libx265-192
libyara4 python3-ipython-genutils
Use 'sudo apt autoremove' to remove them.
The following NEW packages will be installed:
gcc-11-base libcommon-sense-perl libdav1d5 libgdal29 libidn12
libjson-perl libjson-xs-perl libntfs-3g89 libtypes-serialiser-perl
libx265-199 libyara8 libzimg2 proj-bin python3-jq rpcsvc-proto
The following packages will be upgraded:
acl adwaita-icon-theme alsa-topology-conf apparmor apt apt-utils atftpd
attr bash-completion binutils binutils-common binutils-x86-64-linux-gnu
binwalk blueman bluez bluez-hcidump bluez-obexd bundler cherrytree commix
cpp-10 crackmapexec dconf-gsettings-backend dconf-service
dictionaries-common exploitdb g++-10 gcc-10 gcc-10-base gcr gdal-data
gdisk gir1.2-gstreamer-1.0 gir1.2-gtk-3.0 gir1.2-pango-1.0
gir1.2-soup-2.4 gir1.2-wnck-3.0 git git-man gnome-desktop3-data grep
groff-base gsettings-desktop-schemas gstreamer1.0-gl gstreamer1.0-libav
gstreamer1.0-plugins-bad gstreamer1.0-plugins-base
gstreamer1.0-plugins-good gstreamer1.0-x gtk-update-icon-cache hydra
hydra-gtk intel-media-va-driver ipp-usb iproute2 kali-desktop-base
kali-desktop-core kali-desktop-xfce kali-linux-core kali-linux-default
kali-linux-headless kali-menu kali-themes kali-themes-common
kali-tools-top10 kali-tweaks laudanum ldap-utils lib32gcc-s1 lib32stdc++6
libaa1 libacl1 libaec0 libapparmor1 libapt-pkg6.0 libasan6 libass9
libatk-wrapper-java libatk-wrapper-java-jni libatomic1 libattr1
libavcodec58 libavfilter7 libavformat58 libavutil56 libbinutils
libbluetooth3 libbpf0 libc-bin libc-dev-bin libc-l10n libc6 libc6-dev
libc6-i386 libcc1-0 libcharls2 libcrypt-dev libcrypt1 libcrypto++8
libctf-nobfd0 libctf0 libcups2 libdap27 libdapclient6v5 libdconf1
libdigest-hmac-perl libedit2 libegl1 libfcgi-perl libfile-basedir-perl
libgcc-10-dev libgcc-s1 libgck-1-0 libgcr-base-3-1 libgcr-ui-3-1
libgcrypt20 libgdal28 libgdbm-compat4 libgdbm6 libgfortran5 libgl1
libglibmm-2.4-1v5 libglvnd0 libglx0 libgmp-dev libgmp10 libgmpxx4ldbl
libgnome-desktop-3-19 libgnutls30 libgomp1 libgpgme11 libgpm2
libgraphene-1.0-0 libgs9 libgs9-common libgssdp-1.2-0
libgstreamer-gl1.0-0 libgstreamer-plugins-bad1.0-0
libgstreamer-plugins-base1.0-0 libgstreamer1.0-0 libgtk-3-0 libgtk-3-bin
libgtk-3-common libhdf4-0-alt libheif1 libhttp-message-perl libigdgmm11
libilmbase25 libitm1 libjack-jackd2-0 libjs-sphinxdoc libjs-underscore
libkpathsea6 libksba8 libldap-2.4-2 liblouis-data liblouis20 liblsan0
libmanette-0.2-0 libmfx1 libmongocrypt0 libmpg123-0 libncurses-dev
libncurses5 libncurses6 libncursesw6 libnet-http-perl libnet-libidn-perl
libnet-netmask-perl libnewt0.52 libnftables1 libnftnl11 libnss3 libnuma1
libobjc-10-dev libobjc4 libopenexr25 libout123-0 libp11-kit0
libpam-modules libpam-modules-bin libpam-runtime libpam0g libpango-1.0-0
libpangocairo-1.0-0 libpangoft2-1.0-0 libpangoxft-1.0-0 libpcap0.8
libpci3 libpipewire-0.3-0 libpipewire-0.3-common libpipewire-0.3-modules
libpostproc55 libpq5 libproxychains4 libpython3.9 libpython3.9-dev
libpython3.9-minimal libpython3.9-stdlib libqscintilla2-qt5-15
libqscintilla2-qt5-l10n libqt5webkit5 libquadmath0 librubberband2
libsamplerate0 libsdl2-2.0-0 libsoundtouch1 libsoup-gnome2.4-1
libsoup2.4-1 libspa-0.2-modules libsqlite3-0 libsrtp2-1 libssh-4
libssh-gcrypt-4 libssh2-1 libstdc++-10-dev libstdc++6
libstring-random-perl libswresample3 libswscale5 libsyn123-0 libsynctex2
libsz2 libtasn1-6 libthai-data libthai0 libtinfo-dev libtinfo5 libtinfo6
libtk8.6 libtsan0 libubsan1 libva-drm2 libva-x11-2 libva2 libvpx6
libvulkan1 libwacom-bin libwacom-common libwacom2 libwireshark-data
libwireshark14 libwiretap11 libwnck-3-0 libwnck-3-common libwsutil12
libxfce4ui-2-0 libxfce4ui-common libxfce4ui-utils libz3-4 libz3-dev
locales metasploit-framework mpg123 nano ncurses-base ncurses-bin
ncurses-term nftables ntfs-3g openfortivpn openssh-client openssh-server
openssh-sftp-server orca p11-kit p11-kit-modules pciutils pgcli pipewire
pipewire-bin pipewire-media-session plocate poppler-data postgresql
postgresql-13 postgresql-client-13 postgresql-client-common
postgresql-common powershell-empire proxychains4 pyqt5-dev-tools
python-tables-data python3-aioredis python3-aniso8601 python3-asgiref
python3-bidict python3-binwalk python3-cli-helpers python3-deprecation
python3-distro python3-distutils python3-flask-restful python3-gdal
python3-git python3-gitdb python3-gpg python3-hupper
python3-ipython-genutils python3-lib2to3 python3-louis python3-netaddr
python3-newt python3-numexpr python3-pefile python3-pycurl python3-pyproj
python3-pyqt5 python3-pyqt5.sip python3-setproctitle python3-tables
python3-tables-lib python3-tk python3-traitlets python3-unidecode
python3-uvloop python3-webencodings python3-websockets python3-wsproto
python3-xlsxwriter python3-yara python3.9 python3.9-dev python3.9-minimal
recon-ng ruby-bundler ruby-opt-parse-validator ruby-pkg-config
ruby-rubygems screen sed sensible-utils skipfish sphinx-rtd-theme-common
sqlite3 sqlmap starkiller sysvinit-utils tcpdump testdisk thc-pptp-bruter
theharvester tmux tshark tzdata udptunnel unrar va-driver-all whiptail
wireless-regdb wireshark wireshark-common wireshark-qt
xdg-desktop-portal-gtk xfce4-whiskermenu-plugin xl2tpd zenity
zenity-common zsh zsh-common
360 upgraded, 15 newly installed, 0 to remove and 0 not upgraded.
Need to get 577 MB of archives.
...
...
...
Keyboard
Out of the box most of the keyboard works fine. But some stuff like “|”, “{” and “}” is placed on strange places. At least this is the case with a swedish iso keyboard. This is a very simple issue to fix. Just use the built in app for keyboard settings.
Click the layout tab and change layout to Apple Aluminum (ISO). Everything should now be mapped like it shuld be.
GPU
If you want to use the GPU for things like cracking hashes you need a working OpenCL or CUDA. We can just run hashcat to see if there are any good devices for cracking available.
┌──(f1rstr3am㉿mullugutherum)-[~]
└─$ hashcat -I 255 ⨯
hashcat (v6.1.1) starting...
OpenCL Info:
============
OpenCL Platform ID #1
Vendor..: The pocl project
Name....: Portable Computing Language
Version.: OpenCL 1.2 pocl 1.6, None+Asserts, LLVM 9.0.1, RELOC, SLEEF, DISTRO, POCL_DEBUG
Backend Device ID #1
Type...........: CPU
Vendor.ID......: 128
Vendor.........: GenuineIntel
Name...........: pthread-Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz
Version........: OpenCL 1.2 pocl HSTR: pthread-x86_64-pc-linux-gnu-westmere
Processor(s)...: 4
Clock..........: 2661
Memory.Total...: 5835 MB (limited to 2048 MB allocatable in one block)
Memory.Free....: 5771 MB
OpenCL.Version.: OpenCL C 1.2 pocl
Driver.Version.: 1.6
There’s nothing more than the cpu available. After some extensive use of Google I found out that the default open source Nvidia driver called Nouveau does not support OpenCL. A recommended solution is to install the closed source drivers like
sudo apt install -y nvidia-driver nvidia-cuda-toolkit
DO NOT DO THIS
With my old Mac I ended up with a black screen at boot and hade to go into recovery mode to remove the Nvidia drivers. I tried installing some realy old ones which I downloaded from Nvidias driver page but without success.
So for now there won’t be any fancy GPU accelerated hash cracking on this machine. But that’s ok, the nouvea driver works just ok for the regular desktop usage.
For serious hash cracking a dedicated rig with som new GeForce 30X0 series is better option anyway (we will look in to that in another post).
Summary
Every old Mac will have it’s own quirks and problems. Other chipsets will have other problems. The wifi problems described here are quite common even in newer chipsets, so if you are trying to reuse an older Mac I hope you can get some help from this post.
If someone solves the problem with the GPU drivers in some way please tell me. My Mac is now ready for extensive hacker use in many more years to come. If I could add some hash cracking spice to it I would be really happy.
Newer Macs will probably have better luck with the drivers and they will work out of the box with Kali. But I have an even older Mac that needs some special treatment with the rEFIt boot menu to work properly. I might do another post on breathing life into one of the realy early 2006 Mac Book Pros. Until then…
Happy hacking!
/Christian (f1rstr3am)
